why when I go to https://soundcloud.com/connect?client_id=MY_ID&redirect_uri=http://MY/FULL/URL/&response_type=code&scope=non-expiring&consumer_key=MY_ID it redirects me back to my website? On localhost (dev API) it works.
That sounds like the correct behaviour - once you've successfully authenticated, you should be redirected back to the redirect_uri. Is this working or not?
Related
My old mobile app is using digitalocean dedicated ip to access the API from my website.
Now I have new domain for my website, but for some reason I cannot change the ip in my app to the new domain im using now.
When my app sending POST request to the API, the POST request is lost and my API can't get the value. I think its because the redirect process from the ip to domain. Is there a way to access my API from the old ip without losing POST value?
If you are externally redirecting the POST request with a 301 or 302 status then user-agents will usually issue a GET request on the second/redirected request, so your POST data is lost.
For user-agents to preserve the request method through the redirect then you need to issue a 307 (Temporary) or 308 (Permanent) HTTP status code instead.
Reference:
MDN docs - 307 Temporary Redirect
MDN docs - 308 Permanent Redirect
My client is use other type
I have no idea why i get redirect_uri_mismatch error. It work on localhost but not on domain.
Client type other is for installed applications it should not have a redirect uri the way it works is it returns the authorization code directly back where it came from that being
localhost
127.0.0.1
urn:ietf:wg:oauth:2.0:oob
For some reason your code is sending a https redirect uri which is in correct it should not be doing this. It looks like you are using the code for a web browser application with a native application client.
I am using cloudflare's "flexible ssl" as an intermediary between client and my site.
After setting this up, I went to the browser and tried accessing my site via https:
https://example.com/login
and everything works. I fill in my login info and log in successfully and am not on http://example.com . I manually enter https://example.com/* where * is many other pages and it all works fine.
Now I want to redirect all requests to use the seemingly working https. So i go to my cloudflare account on their website and create a page rule : http://example.com/* to always use https.
Now I go to example.com/login and successfully redirected to https://example.com/login, I fill in my log in information and submit the login form , the page refreshes and I am back to https://example.com/login with an empty login form.
Anyone know what the problem is or how to help troubleshoot?
I am using laravel as a framework for the site and apache as the webserver.
create a page rule : http://example.com/* to always use https
Noted. Be aware that CloudFlare does this by accepting every HTTP request on http://example.com/* and returning a 301 redirect to the equivalent HTTPS request. The browser completes the redirect by sending a GET request to the HTTPS URL.
I fill in my log in information and submit the login form
Check the login form source carefully and check what URL the login form is submitted to. My guess is that the form is submitted to http://example.com/login or something similar. CloudFlare will accept the POST request to http://example.com/login and return a 301 redirect to https://example.com/login -- which your browser will complete as a GET request and hence not sending the login data.
So your best solution is to make sure that your login form POSTs to the correct HTTPS URL not to the HTTP URL.
That's my best guess anyway.
how to help troubleshoot?
Ensure that you are using different log files to distinguish between HTTP and HTTPS requests on your server.
Some other suggestions:
Get a Let's Encrypt SSL certificate and put that on your site so that the communication between CloudFlare and your site is all SSL. https://letsencrypt.org/
Ensure that HSTS is turned on for all of your HTTPS requests so that the browser will know not to send any requests to any HTTP URLs.
Create a development server where you can test all of this working with HTTPS between the browser and the web server without CloudFlare. Once you've got it all working in HTTPS mode without CloudFlare then you can try it with CloudFlare and you should get essentially the same results. Your problem is with the HTTP -> HTTPS switch, not specifically with CloudFlare.
Currently, I'm trying to integrate the OneDrive SDK onto a website. However, I'm having issue with redirecting with authentication.
Normal route:
User goes to the website. It clicks on a button to single sign onto there OneDrive
User gets redirected to OneDrive Authorization page.
Once authentication, user gets redirected to where they left off. This redirect is specified in the OneDrive's SDK account. However, it seems that they don't allow query params in the redirect URL.
Is there a way around this?
The only thing I could figure out is using a URL that is an alias for the URL with the query params, but that just seems like a hack solution. It's hard to believe that there isn't a way for a user to redirect with query params to indicate at what stage they left off on the site.
Example of invalid redirect url as http://skydpk.com/index.php?a=ap&addon=file_sharing&page=skydrive
Any advice appreciated,
Thanks,
D
You can try registering your base URL as the redirect URL and just before initiating authorization action append the parameters to the redirect URL.
Redirect URL at one drive app dashboard : http://skydpk.com/index.php
Authorization URL
https://login.live.com/oauth20_authorize.srf?client_id=<your client id>&scope=<scope>&response_type=code&redirect_uri=http://skydpk.com/index.php?a=ap&addon=file_sharing&page=skydrive
I am testing the foursquare API at the localhost
in the configuration of foursquare developer, I set the application url as
Download / welcome page url
http://localhost
Your privacy policy url
http://localhost/
Callback url
http://localhost/app
my application url is http://localhost/app, and the idea is really simple, use HTML5 geo API to get my geo location, and use this geo data to get nearby places from foursquare API.
However, when the page redirect the foursquare at the auth, the redirected page says something goes wrong.
I guess it is because of the callback url, could somebody show me how to set right configuration at the localhost.
I ran into this issue. It appears that when authorizing, the 4SQ API expects the redirect_uri to sent and to match what is in the APP settings. So basically, when creating the Auth URL you should be sending the client_id, response_type AND redirect_uri. The value you put for your redirect_uri MUST match what you entered in your APP settings which in your case would be "http://localhost/app"